How to Change SSH Port on Linux Server
SSH (Secure Shell) is the main protocol for remote management of Linux server, which allows you to securely connect to the server and manage the system via the command line.
One of the most common settings on a Linux server that you will do when initially installing the system is changing the connection port. By default, the SSH protocol uses port 22 to connect to the server, but to improve security, it is often recommended to change this port to some other one. If you have a public IP address installed on your server, then there is a chance that the bot scanner will find your server with this port, and if it does, it will immediately start brute-forcing the password to the server.
In this article we will look at how to change the default server connection port 22 for SSH in Linux. We will use Ubuntu as the platform for conducting the work.
Contents of the article:
- Check the current SSH connection port.
- Changing SSH port.
- Restarting the SSH service.
- Examination.
1. Check the current SSH connection port.
Before changing the ssh connection port to the Linux server, for fun I want to see what ssh connection port is currently being used, for this I will use the command:
~$ sudo lsof -Pi | grep ssh
As we can see, the result is that the ssh service listens on port 22.
2. Changing SSH Port.
By default, all the main settings of the ssh service are located in the /etc/ssh path and in this directory there is a file with settings called sshd_config.
/etc/ssh
Directory /etc/ssh
Open the file with the sshd_config settings and look for the Port parameter.
~$ vim sshd_config
sshd_config file
Next, we comment out the Port parameter and change the values from 22, for example, to 222, then save the file and close it.
3. Restarting the SSH service.
After we changed the connection port from 22 to 222 in the sshd_config file, now for all the changes to take effect we need to restart the ssh service in Ubuntu, for this we use the commands:
~$ systemctl daemon-reload
~$ service ssh restart
4. Check.
Now, after everything we have done, all we have left to do is check which port the sshd service is currently listening to. To do this, we will use the same command:
~$ sudo lsof -Pi | grep ssh
As we can see, the sshd service now listens to port 222 and not 22, which means that we did everything correctly.
As a result, today we looked at how to quickly and easily change the standard port for connecting to the SSH 22 server. This approach will also work on other platforms such as Centos, Debian, Fedora, Oracle Linux and others.
It is possible that if you change the port on the Centos platform, you will also have to open this port on the Firewall before restarting the ssh service, otherwise it may turn out that you change the connection port, then restart the ssh service, and this port will be closed on the Firewall, then you will lose access to your server completely.